Oracle® Cloud

What's New for Oracle CASB Cloud Service

Release 20.1.1.0

E87961-45

January 2020

What’s New for Oracle CASB Cloud Service

When new and changed features become available, Oracle CASB Cloud Service instances are upgraded in the data centers where Oracle Cloud services are hosted. Here’s an overview of new features and enhancements added in the past 12 months to improve your Oracle CASB Cloud Service experience.

You don’t need to request an upgrade to be able to use the new features—they come to you automatically.

Information on known and fixed issues is located in a separate document, Known Issues for Oracle CASB Cloud Service.

Week of January 5, 2020

Component Description of New Features

Oracle CASB Cloud Service

New security controls for Oracle Cloud Interface (OCI). When you are updating the security control baseline for an OCI instance, you will now see the new security controls listed below – help links display information for configuring the controls:

  • Network security group – Egress rule contains disallowed source IP/port

  • Network security group – Ingress rule contains disallowed source IP/port

  • VNIC without associated Network security group

Week of October 8, 2019

Component Description of New Features

Oracle CASB Cloud Service

Migration of Data Centers: Oracle CASB Cloud Service (CASB) will be migrating its operation from its current data centers to Oracle Cloud Infrastructure (OCI) in mid-November:

  • US operations (https://loric.palerra.net) migration from Virginia to Phoenix, the operation will begin on Nov 16, 2019 at 03:00 GMT / Nov 15, 2019 at 23:00 EST / 20:00 PST

  • EU operations (https://loric-eu.palerra.net) migration from Dublin, Ireland to Frankfurt, Germany on Nov 23, 2019 at 03:00 GMT / Nov 22, 2019 at 23:00 EST / 20:00 PST

For answers to specific questions about the impact of the data center migration, see Managing Oracle CASB Cloud Service's Data Center Migration.

Week of July 28, 2019

Component Description of New Features

Oracle CASB Cloud Service

  • Several enhancements have been added for Oracle Cloud Infrastructure (OCI) monitoring:

    • Bulk registration of compartments. In one step, you can now register as many compartments from the same OCI instance as you want to. See Adding an OCI Instance.

    • Display monitored regions. When you are adding or updating an OCI instance, you can view the monitored regions for the instance. See Adding an OCI Instance and Updating an OCI Instance.

    • New security controls. When you are updating the security control baseline for an OCI instance, you will now see the new security controls listed below – help links display information for configuring the controls:

      • IAM password has not been rotated

      • Compute Instance is running an Oracle image

  • Filter values in Access Map. You can select the type of events that you want in the Access Map by selecting an appropriate value from the Filter drop-down. Oracle CASB Cloud Service remembers this selection for the current session. See Dashboard.

Week of April 21, 2019

Component Description of New Features

Oracle CASB Cloud Service

Week of April 7, 2019

Component Description of New Features

Oracle CASB Cloud Service

  • Blacklist & whitelist entries now allow IPv6/CIDR formats. See Putting IP Addresses on Blacklists or Whitelists.

  • See the administrator role assigned to your login. Your administrator role determines the features that you can access and the functions that you can perform in Oracle CASB Cloud Service. The role assigned to your login is now displayed on the user icon menu. See Viewing Your Role.

  • Select business objects to be monitored for Fusion Apps in the Oracle CASB Cloud Service console. Now you only have to enable business object monitoring in the Fusion Applications console, and all business objects available to be monitored for a particular supported Fusion Application instance are automatically selected. You can deselect any combination of business objects that you don't want to monitor. See Updating Monitoring Properties for an Oracle ERP Cloud Instance, Updating Monitoring Properties for an Oracle HCM Cloud Instance, and Updating Monitoring Properties for an Oracle Sales Cloud Instance.

  • Several enhancements have been added for Oracle Cloud Infrastructure (OCI) monitoring:

    • Trigger an alert for detaching a VNIC, in addition to other actions on VNICs (virtual network interface cards). See Creating Alerts for Compute Instances.

    • New security controls have been added for OCI instances:

      • Database not at vendor recommended version
      • Database not being automatically backed up
      • Database system with patches not applied
      • Database system with public IP address
      • Multifactor authentication not enabled
      • OCI compartment not registered in Oracle CASB

      See Updating the Security Control Baseline for an OCI Instance.

  • Help links for individual SAP SuccessFactors security controls have been added, to provide direct access to the documentation available for each security control. See Updating the Security Control Baseline for a SuccessFactors Instance.

Week of March 10, 2019

Component Description of New Features

Oracle CASB Cloud Service

  • First new tenant admin can be created automatically. The person who receives the welcome letter is automatically set up as the root tenant administrator for the new Oracle CASB Cloud Service tenant. The first person who logs in to the console after that recipient can automatically be set up as a tenant administrator, without the need to create the user in both the Oracle Cloud MyServices dashboard and the Oracle CASB Cloud Service console. See Setting Up a Primary Tenant Administrator.

  • Several enhancements for Oracle Cloud Infrastructure (OCI) monitoring:
  • New business object monitored for Oracle HCM Cloud: The Personal Payment Method business object has been added to the list of business objects that Oracle CASB Cloud Service monitors when you register Oracle HCM for monitoring. See Adding an Oracle HCM Cloud Instance.

  • Allow Oracle CASB Cloud Service to automatically whitelist trusted network addresses, if you wish to. See Setting Your Preferences, or you can set this preference on the page that displays whitelisted and blacklisted IP addresses.

  • AWS security controls for encryption status allow exceptions for specified tags. The "Check EBS volume encryption status" and "Check RDS encryption status" security controls now allow you to specify tags for instances for which you do not wish to generate risk events. See Security Control Values for AWS (Push Security Controls).

  • New report for SAP SuccessFactors: A new "Sensitive Permissions assigned to User Groups" report is now available for SuccessFactors. See Viewing Reports for ServiceNow.

  • New ASN and ISP information in user details: ASN (autonomous system number) and ISP information that was previously added to risk events is now shown in the detailed information for users. See User Activity Reports.

Week of February 10, 2019

Component Description of New Features

Oracle CASB Cloud Service

  • Integration with Oracle Cloud Infrastructure (OCI) has been enhanced:

    • Security control templates are now supported, to make managing of security control settings across multiple OCI instances easy. See Working with OCI Security Control Baseline Settings and Templates.

      To enable this feature, contact Oracle Support (http://support.oracle.com). If you have not registered yet, you will need your Customer Support Identifier (CSI) in order to register to submit service request tickets. As an alternative, you can also contact your Oracle CASB Cloud Service Customer Success Manager.

    • Access the My Services dashboard directly, from Oracle CASB Cloud Service navigation menu, when you are subscribed to Oracle CASB Cloud Service through universal credit model (UCM). See Accessing Oracle CASB Cloud Service Using Universal Credits.

    • Enhancements to OCI security controls: "IAM Password older than 90 days" has been added; and "Public bucket is found" and "Tenancy Administrator privilege granted to additional IAM group" now allow you to define exceptions. See Updating the Security Control Baseline for an OCI Instance.

    • Public/private key pair maintenance released week of January 13 is now generally available on all Oracle CASB Cloud Service tenants. See Preparing a Public/Private Key Pair.

    • Enhanced compartment support for an OCI instance, released week of January 13 is now generally available on all Oracle CASB Cloud Service tenants. See Adding an OCI Instance.

  • Single sign-on (SSO) through Oracle Identity Cloud Service (IDCS) is now supported in all Oracle Fusion Applications that you register in Oracle CASB Cloud Service. See Adding an Oracle ERP Cloud Instance, Adding an Oracle HCM Cloud Instance, and Adding an Oracle Sales Cloud Instance.

  • Trigger policy alerts based on additional actions on SharePoint and OneDrive files in Office 365 files. You can now get alerts for anonymous and company linking actions performed on SharePoint and OneDrive files. See Creating Alerts for SharePoint and OneDrive Files and Folders.

  • New troubleshooting topics for SAP SuccessFactors have been added. See Troubleshooting for SuccessFactors.

  • Risk Events now shows ASN (autonomous system number) information for IP addresses. When you move the mouse pointer over an IP address on the Risk Events page, the pop-up now includes the ASN name (ASN Name) and number (ASN Number) in addition to geographic location information (City, State, and Postal code).

    See Viewing Risk Events from the Risk Events Page. This topic describes how you can view risk events where you can see these enhancements; the topic doesn't mention them directly.

Oracle CASB Cloud Service — Discovery

  • Warning is provided when expected user count is exceeded. Any time that the actual number of users in Oracle CASB Cloud Service — Discovery exceeds the expected user count in your subscription, you now see a warning message, with a link to update your subscription. See Subscribing to Oracle CASB Cloud Service — Discovery.

  • General availability - new key security indicators released week of January 13 are now generally available on all Oracle CASB Cloud Service tenants which are subscribed to Oracle CASB Cloud Service — Discovery. See Working with the Key Security Indicators Tab.

Week of January 13, 2019

Component Description of New Features

Oracle CASB Cloud Service

  • Integration with Oracle Cloud Infrastructure (OCI) has been enhanced:

    • You can maintain your public/private key pairs in Oracle CASB Cloud Service. Instead of creating and maintaining the public/private key pairs necessary to connect Oracle CASB Cloud Service with OCI on your laptop, you can now do this right in the Oracle CASB Cloud Service console, using the CASB Key-Pair Management option in the Configuration submenu. See Preparing a Public/Private Key Pair.

      To enable this feature, contact Oracle Support (http://support.oracle.com). If you have not registered yet, you will need your Customer Support Identifier (CSI) in order to register to submit service request tickets. As an alternative, you can also contact your Oracle CASB Cloud Service Customer Success Manager.

    • Steps have been streamlined to specify a particular compartment for an OCI instance, when you register it for Oracle CASB Cloud Service to monitor. See Adding an OCI Instance.

      To enable this feature, contact Oracle Support (http://support.oracle.com). If you have not registered yet, you will need your Customer Support Identifier (CSI) in order to register to submit service request tickets. As an alternative, you can also contact your Oracle CASB Cloud Service Customer Success Manager.

  • SAP SuccessFactors has two new enhancements:

  • Microsoft Office 365 policy alerts now can trigger on sharing level. In the policy creation wizard, when you select Data Protection on the Name page and SharePoint/OneDrive File as the Resource, you can now specify Sharing Level as a condition to trigger or skip the alert. See Condition Parameters for Office 365.

  • Enabling business object auditing is now largely automated for Oracle ERP Cloud and Oracle HCM Cloud. All you have to do within those Fusion Applications is set Auditing Level to Auditing; you no longer need to select individual business objects to be monitored. See Enabling Business Object Auditing for Oracle ERP Cloud and Enabling Business Object Auditing for Oracle HCM Cloud.

Week of December 16, 2018

Component Description of New Features

Oracle CASB Cloud Service

  • Monitor SAP SuccessFactors in Oracle CASB Cloud Service. You can now register a SuccessFactors instance to be monitored by Oracle CASB Cloud Service. See Setting Up SAP SuccessFactors.

  • Collect logs from an external account for an AWS instance that you register. You can now specify that logs should be collected from an external account when you register or update credentials for an AWS instance. SeeUpdating the Credentials for an AWS Instance, or the specific topic for the type of AWS instance you are adding under Preparing and Registering AWS.

Oracle CASB Cloud Service — Discovery

Tagging has been enhanced in Oracle CASB Cloud Service — Discovery:

Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers that have purchased support have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.


Oracle Cloud What's New for Oracle CASB Cloud Service, Release 20.1.1.0

E87961-45

Copyright © 2016, 2020, Oracle and/or its affiliates. All rights reserved.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable:

U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle.